RonSijm

joined 1 year ago
[–] RonSijm 17 points 7 months ago (6 children)

Probably, AWS and Google probably have millions of existing customers using Redis. And AWS and Google are not going to be paying for it themselves of course, but just pass the costs on to their customers.

So they can stick to the old official Redis version for a while, before the license change happened, but at some point someone might find a vulnerability, and patch it in the official Redis, and then everyone that's stuck on the old version is fucked - it's a bit of a ticking time-bomb to be stuck on an old version.

So then AWS and Google customers can decide

  • "I want to use the latest version of official Redis, and pay x per month per Redis cache" (if the new license allows that)
  • Or "AWS doesn't support a free Redis anymore, but competitor does, so I'm just gonna migrate my infra to a different cloud"

So if they already switch to an open-license fork they can preemptively mitigate most of those risks

[–] RonSijm 3 points 7 months ago (1 children)

Not really - "Everything is open-source if you know Assembly" - Look at Ghidra for example.

If code isn't obfuscated you can do an analysis what kinda stuff closed source software does. In C# (so if his game is written in Unity) you can even get very close to the original source code (IL code reversed back to C#).

That's why I mentioned anti-virus isn't going to be happy about it. You can easily google examples: examples[1] example[2] example[3] - that obfuscating is a red flag to a lot of anti-virus

[–] RonSijm 4 points 7 months ago (2 children)

Anti viruses won’t care as it won’t be injecting executable code.

How do you know parts of the encrypted stuff isn't executable code? Like is he has secret levels with secret functionalities then part of whats encrypted might get executed, or interpreted and executed or something like that.

If he's going out of his way to hide and encrypt secrets, I wouldn't be surprised if parts of his gameloop are obfuscated as well. And if Anti viruses detect high levels of obfuscation, that just raises flags as probabilistic malware

[–] RonSijm 18 points 7 months ago (18 children)

Basso is at least confident that data miners can’t brute force their way to discovering his encrypted secrets. He’s using industry-standard AES encryption. ”It's pretty secure, unless we get quantum computers or there's some giant vulnerability,” he said.

It's a fun idea, I guess, but I don't know how happy anti-virus kinda services are with having loads of very encrypted and obscured blocks of data.

It's a bit of a "trust me bro" situation where he claims he's just hiding secret levels and stuff - and isn't also secretly side-loading malware or something like that

[–] RonSijm 4 points 7 months ago

I suppose "parsing" is a more generic thing. If you "build a tree" you did some form of "parsing" - yes

However when you do "parsing" like "find all links in an html doc" - you're parsing, but not necessarily building a tree.

[–] RonSijm 50 points 7 months ago (4 children)

"OS support: The latest one” is not that bad of an requirement...

If they complain like "why doesn't this work on Windows Vista, on IE8" - you can just point to the specs and say you only support the latest OS.

So basically you only support the latest Nightly Build of Ubuntu, since that's the current latest OS

[–] RonSijm 1 points 7 months ago (1 children)

I suppose this is a bit of an StackOverflow answer "Opinions needed: Best way to develop NuGet packages" - Answer: "Don't. Do something else instead"

But seriously, why do you need internal NuGet packages? To distribute libraries, I guess, but then as you mention distribution is already going poorly, and local dev and testing is as well.

I switched from putting everything into NuGet to putting everything into Git Submodules - and just Submodule all the libraries that I need in a project, instead of using internal NuGets

[–] RonSijm 1 points 7 months ago

For simple snippets like templates I'm using Obsidian and Obsidian Templater ( - For any programmer I'd consider Obsidian the best note-taking-app by miles.)

For more complicated stuff I used to just build generators in code, but as you mentioned, that's kind of a nightmare to manage. So now I usually use Liquid Templates - and a custom parser I made to process them

[–] RonSijm 1 points 7 months ago (1 children)

I don’t see why I’d do that

Because just Dapper will perform a lot better executing raw sql queries than EF having to go through an entire expression tree builder.

Anyway, I wasn't saying that that example is a better way than doing it with EF, I was just going over your points where you mentioned that with raw SQL it's just all unreferenced magic strings with no references to tables or columns. And that you can't find where anything is used.

So that's just to explain - if you write your sql inside code in the poorest possible way - yea, you're gonna have a poor experience. But if you want to write raw sql instead of using an ORM, it's pretty easy to negate all those downsides about not having references

[–] RonSijm 1 points 7 months ago (3 children)

You can still do that.

For example, you'd still write classes for your tables:

    public class Users
    {
        public int Id { get; set; }
    }

and then you'd just do

   var query = $"select * from {(nameof(Users))} where {(nameof(Users.Id))} = 10;";

That let's you write raw sql about as close as it gets, while still having some degree of type-safety. You could drop a query like that into Dapper, and you're pretty close to just using raw sql.

[–] RonSijm 3 points 7 months ago

I saw this video yesterday: https://www.youtube.com/watch?v=jqjtNDtbDNI

The guy describes what's going on pretty good

[–] RonSijm 13 points 8 months ago (2 children)

There's a project nix-tree that lets you see the dependency trees of Nixos.

Try that, (or post the output here). To see if firefox is referenced somewhere in the packages you're using

view more: ‹ prev next ›